theevilbit / Shield
An app to protect against process injection and suspicious file links on macOS
☆220Updated 3 years ago
Alternatives and similar repositories for Shield:
Users that are interested in Shield are comparing it to the libraries listed below
- A command line tool for pstree-like output on macOS with additional pid capturing capabilities☆252Updated 8 months ago
- File Monitor Library (based on Apple's new Endpoint Security Framework)☆345Updated 2 years ago
- A DNS Monitor, leveraging Apple's NEDNSProxyProvider/Network Extension Framework☆189Updated 8 months ago
- And open-source version of % sfltool dumpbtm☆129Updated last year
- Process Monitor Library (based on Apple's new Endpoint Security Framework)☆452Updated last year
- Mapping XProtect's obfuscated malware family names to common industry names.☆84Updated 11 months ago
- Secure example of an XPC helper written in Swift☆107Updated 5 years ago
- This is a work-in-progress command line tool for reversing run-only AppleScripts. It will help parse the output of applescript-disassembl…☆67Updated 4 years ago
- Phorion Kronos is a macOS security tool designed to enhance Apple's Transparency Consent and Control (TCC) security and privacy mechanism…☆75Updated last year
- Scripts (python3 and Swift) for macOS to recursively check /Applications and also check /usr/local/bin, /usr/bin, and /usr/sbin for binar…☆97Updated 2 years ago
- WhatsYourSign adds a menu item to Finder.app. Simply right-, or control-click on any file to display its cryptographic signing informatio…☆323Updated 2 months ago
- process info/monitoring library for macOS☆420Updated 4 years ago
- Scan your computer for applications that are either susceptible to dylib hijacking or have been hijacked.☆91Updated 2 years ago
- A simple run-only applescript disassembler☆120Updated 3 years ago
- A user-mode application authorization system for MacOS written in Swift☆302Updated 4 years ago
- Various scripts for macOS tasks☆127Updated 6 months ago
- View all modules on that are loaded in the OS kernel☆74Updated 2 years ago
- example project, utilizing Proc Info library☆70Updated 4 years ago
- checks if an application is pristine (untampered) and from the official Mac App Store☆74Updated 4 years ago
- Visually explore all running tasks (processes) ....viewing its signature status, loaded dylibs, open files, network connection, and much …☆95Updated 4 years ago
- Generic ransomware detector☆87Updated last year
- A module to expose the Endpoint Security library to Swift☆20Updated 5 years ago
- macOS XProtect definition files☆40Updated 3 years ago
- OSX Events Monitor☆22Updated 6 years ago
- View and remove notification messages from Apple's "Notification Database"☆103Updated 4 years ago
- A macOS application for browsing the IOKit registry.☆190Updated 2 years ago
- information and tools to understand the internals of Apple’s operating systems☆151Updated 2 weeks ago
- A parsing tool for backgrounditems.btm☆48Updated 8 months ago
- Network Monitor☆335Updated 6 months ago
- Proof of concept MacOS post exploitation tool written in Swift. Designed as a POC for blue teams to build macOS detections. Author: Cedri…☆121Updated 4 years ago